Standard Encryption for your financial data
At FinancialAha, the data stored in the cloud is encrypted both during transmission (in transit) and while stored on servers (at rest).
Note: Standard encryption is applicable for all accounts using cloud storage. For browser storage or manual import/export, you are responsible for securing your financial data.
TL;DR: Securely storing and transmitting your financial data is essential for protecting it from unauthorized access or interception. This involves utilizing secure communication protocols to encrypt data during transmission over networks, as well as storage encryption algorithms and architectures.
During transmission (in transit)
Encrypting data in transit ensures that, as it travels from your end to the intended recipient, it remains secure and immune to unauthorized access or tampering. Your intended recipient can be either FinancialAha's servers for storage purposes or a collaborator of yours.
FinancialAha uses the TLS (Transport Layer Security) protocol to encrypt data during transmission over the internet, ensuring secure communication. TLS is the current standard for ensuring privacy and data integrity between two or more computer systems that communicate with each other. This protocol uses encryption to help prevent eavesdropping, interception, and tampering of data in transit.
TLS is commonly seen represented by the lock icon adjacent to HTTPS (HyperText Transfer Protocol Secure) websites.
Data transmission security can also refer to manually sending (sharing) a backup export file to colleagues, clients, family members or advisors through email or instant messaging. This type of transmission exposes your data to even more dangers because your data flows through other systems and organizations, making it more vulnerable to interception, surveillance, manipulation, and attack. We are strongly against this type of data sharing, and we recommend you to opt for end-to-end encryption to make sure that you and your collaborator are the only ones that can decipher and access the data.
While stored on servers (at rest)
A simple example of data at rest is the information you have stored on your device, whether it is your laptop, phone, a flash drive, external storage, or memory cards. Although you might assume that data not actively transmitted over the internet is safer, attackers may exploit this by attempting to infect your device and extract the data. Encrypting data at rest safeguards it in scenarios such as device loss, theft, or unauthorized access attempts.
Data stored on FinancialAha's servers is securely encrypted using Firebase at rest encryption. Firebase uses strong encryption algorithms to encrypt data at rest. This means that data stored in Firebase services is transformed into an unreadable format using cryptographic keys, making it unintelligible to unauthorized users who attempt to access it directly from disk.
Conclusion and Recommendations
Your financial data is secured by default in transit and at rest when you opt for FinancialAha's cloud storage. At FinancialAha, we call this Standard Encryption. We recommend you to implement this type of encryption on your own if you opt to use browser storage and/or manual import/export.
For added privacy, FinancialAha also implements Advanced Encryption which guarantees you that nobody except you and your authorized collaborators have the technical ability to decipher and read your financial data.